In a recent Stack Overflow podcast episode, Joel Spolsky mentioned that he’s probably going to formally end his popular Joel on Software blog next month.
He has been talking to someone named Jason who’s doing a pretty good job convincing him to “blog” privately instead, via email, only to a…
A collective intelligence decision-making system. From the site: “Hunch gives customized recommendations and gets smarter the more you use it.”
Whether you’re a programmer or Web designer or developer, an artist, help-desk geek, or tech supporter, a filmmaker or writer, you’re a part of the Geek Ascension. People need you. They hire you. They can’t afford to be contemptuous. Life isn’t a breeze, but it sure is different. You have an open invitation to what is, at the moment, the greatest party in the world: the Internet and the World Wide Web.
Geek - Jon Katz, introduction (submitted by brklyn) (via fuckyeahcomputerscience)
The argument clinic (Monty Python)
Client: “[Indian outsourcer] says he can do this site for $200. Why should I go with you?”
Me: “Has he done any work for you in the past?”
Client: Yeah! He did [Other Site] for me.
[I load the other site]
Me: “The entire site’s done in Flash.”
Client: “Huh?”
Me: “It’s a site for iPhone users.”
Client: “I know. Cool, huh?”
Me: “It’s a site for iPhone users… none of whom can see it…”
Client: “Huh?”
Me: “The iPhone doesn’t support Flash.”
Client: “Well it looks fine on my PC!”
Me: “Do you have an iPhone?”
Client: “No.”
Me: “…”
Client: “Tell you what, I’m just gonna go with [Indian outsourcer]. He seems like he knows what he’s doing and I’m not sure you do.”
Me: “Have fun.”
A recent study by the San Jose Mercury News shows that at Stanford, cheating in computer science classes account for 22% of the university’s total honor code violations, despite accounting for only 7% of student enrollment…
Last spring, I took a security course. In one of the lectures, the professor put forth a strikingly similar argument. Open-source advocates belittle proprietary code as “security by obscurity,” but before you shout “oh yes!” consider the following two issues.
- Interesting open-source software is huge, and requires a lot of effort to read and understand. Security-critical components like servers, kernels, device drivers, and crypto packages are difficult to figure out even when you do have the source code available. A majority of programmers would be hard-pressed to even understand what is going on in that code, let alone find and fix bugs in it. This is all before acknowledging the fact that most users aren’t even programmers to begin with. It’s not hard to see why “open source == more eyeballs” might not be as true as we think.
- If bad guys find bugs, where’s the incentive to report them? Zero-day exploits like those used in Aurora are prized possessions and can be sold for money within the hacker underground. In fact, it’s not that far-fetched believe that these “black hats” have greater motivation to pick through open source software for bugs than white hats. It may well be that of the few external entities auditing the code, most of them are doing so for exploitation.
